Misplaced Pages

ZAP (software)

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.
Open-source web application security scanner
ZAP by Checkmarx
Logo including Checkmarx, since 2024
Stable release2.15.0 / 7 May 2024; 7 months ago (2024-05-07)
Repository
Written inJava
Operating systemLinux, Windows, macOS
Available in25 languages
TypeDynamic application security testing
LicenseApache Licence
Websitewww.zaproxy.org

ZAP (Zed Attack Proxy) is a dynamic application security testing tool published under the Apache License. When used as a proxy server it allows the user to manipulate all of the traffic that passes through it, including HTTPS encrypted traffic. It can also run in a daemon mode which is then controlled via a REST-based API.

History

ZAP was originally forked from Paros which was developed by Chinotec Technologies Company. Simon Bennetts, the project lead, stated in 2014 that only 20% of ZAP's source code was still from Paros.

The first release was announced on Bugtraq in September 2010, and became an OWASP project a few months later. In 2023, ZAP developers moved to the Linux Foundation, where they became a part of the Software Security Project. As of September 24, 2024, all of the main developers joined Checkmarx as employees and ZAP was rebranded as ZAP by Checkmarx.

ZAP was listed in the 2015 InfoWorld Bossie award for The best open source networking and security software.

Features

Some of the built in features include:

See also

Further reading

References

  1. "OWASP ZAP". Crowdin.com. Retrieved 3 November 2014.
  2. "ZAP – Paros Proxy". zaproxy.org. Retrieved 2024-10-18.
  3. Bennetts, Simon (2014). Security Testing for Developers Using OWASP ZAP (Speech). JavaOne San Francisco 2014. Oracle. Event occurs at 23:30. Retrieved 2 June 2015.
  4. Wylie, Phillip; Crawley, Kim (2021). The pentester blueprint: starting a career as an ethical hacker (1 ed.). Indianapolis: John Wiley and Sons. p. 75. ISBN 978-1-119-68430-5.
  5. "Bugtraq: The Zed Attack Proxy (ZAP) version 1.0.0". bugtraq. Retrieved 2024-10-18.
  6. "ZAP Core Team to move to Linux Foundation | OWASP Foundation".
  7. "ZAP is Joining the Software Security Project". August 1, 2023.
  8. "Welcoming ZAP to the Software Security Project". July 31, 2023.
  9. https://www.zaproxy.org/blog/2024-09-24-zap-has-joined-forces-with-checkmarx/
  10. "Bossie Awards 2015: The best open source networking and security software". InfoWorld. Retrieved 2024-10-18.

External links

Categories: